A Server net (192.168.2.x - vlan 1), a DMZ (192.168.3.x - vlan 12) and a Guest net (192.168.4.x - vlan 10).
All this works fine, the computers / servers can reach each other - but they are not supposed to :)
When applying these access lists to the Server and DMZ VLANs, all connections go down.
ip access-list extended Server
 permit ip any any
The server net needs full access to the other networks.
ip access-list extended DMZ
 permit udp any any 192.168.2.9 0.0.0.0 domain
 permit udp any any 192.168.2.10 0.0.0.0 domain
 permit tcp any any 192.168.2.15 0.0.0.0 445
 permit tcp any any 192.168.2.15 0.0.0.0 137-139
 permit udp any any 192.168.2.15 0.0.0.0 137-139
 permit tcp any any 192.168.2.19 0.0.0.0 8530
When trying to telnet from an FTP server (192.168.3.10) to 192.168.2.19 on port 8530 (WSUS), it's not working.
But when removing the ACL from the VLAN, then it works perfectly :(
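Added example, not part of the original post: a small Python model that runs the two lists above against a request and its reply, to show which direction of a session each list filters. It assumes each list is applied statelessly to packets entering from its own VLAN, first match wins, with an implicit deny at the end; the flows, the ephemeral port 50000 and the names `permitted` and `session_works` are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

ANY_NET, ANY_PORT = ip_network("0.0.0.0/0"), range(0, 65536)

def host(addr):
    """A 0.0.0.0 wildcard, as used in the post, is an exact host match."""
    return ip_network(addr + "/32")

# ACEs from the post: (protocol, source, source ports, destination, dest ports)
ACLS = {
    "Server": [("ip", ANY_NET, ANY_PORT, ANY_NET, ANY_PORT)],
    "DMZ": [
        ("udp", ANY_NET, ANY_PORT, host("192.168.2.9"), range(53, 54)),   # domain
        ("udp", ANY_NET, ANY_PORT, host("192.168.2.10"), range(53, 54)),  # domain
        ("tcp", ANY_NET, ANY_PORT, host("192.168.2.15"), range(445, 446)),
        ("tcp", ANY_NET, ANY_PORT, host("192.168.2.15"), range(137, 140)),
        ("udp", ANY_NET, ANY_PORT, host("192.168.2.15"), range(137, 140)),
        ("tcp", ANY_NET, ANY_PORT, host("192.168.2.19"), range(8530, 8531)),
    ],
}
# Which list a packet meets on ingress, by the post's subnets (assumed binding).
BINDINGS = {ip_network("192.168.2.0/24"): "Server", ip_network("192.168.3.0/24"): "DMZ"}

def permitted(proto, src, sport, dst, dport):
    """Stateless first-match check on the source VLAN; no match = implicit deny."""
    name = next((n for net, n in BINDINGS.items() if ip_address(src) in net), None)
    if name is None:
        return True  # e.g. Guest VLAN: the post shows no list for it
    return any(
        p in ("ip", proto) and ip_address(src) in s and sport in sp
        and ip_address(dst) in d and dport in dp
        for p, s, sp, d, dp in ACLS[name]
    )

def session_works(proto, client, cport, server, sport):
    """A session needs the request and the reply to pass ingress filtering."""
    return (permitted(proto, client, cport, server, sport)
            and permitted(proto, server, sport, client, cport))

if __name__ == "__main__":
    # Constructed flows; 50000 stands in for an ephemeral client port.
    print("DMZ -> WSUS:", session_works("tcp", "192.168.3.10", 50000, "192.168.2.19", 8530))
    print("Server -> DMZ FTP:", session_works("tcp", "192.168.2.15", 50000, "192.168.3.10", 21))
```

Under these assumptions the DMZ-to-WSUS session passes both lists, while a session opened from the Server net toward a DMZ host fails because its replies match no entry in the DMZ list.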